package cn.itcast.service;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping("/abc")
@RestController
public class PreAuthorizeService {
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @RequestMapping("/add")
    public String add(){
        return "success add...";
    }

    @PreAuthorize("hasAuthority('delete')")
    @RequestMapping("/delete")
    public String delete(){
        return "success delete...";
    }
}
